Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ygDtfQaMxnDIYkHOzrmBjtO0kOM.roa
File: ygDtfQaMxnDIYkHOzrmBjtO0kOM.roa (raw, json)
Hash identifier: TmFH1ciUyBbxiiFgFjB1VzR/3VQEokUJVGV0rJX4Q9U=
Subject key identifier: CA:00:ED:7D:06:8C:C6:70:C8:62:41:CE:CE:B9:81:8E:D3:B4:90:E3
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5377F2B28343568AC57FF7EFFD999DE8
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ygDtfQaMxnDIYkHOzrmBjtO0kOM.roa
Signing time: Sat 02 Sep 2023 01:18:04 +0000
ROA not before: Sat 02 Sep 2023 01:18:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:53:77:f2:b2:83:43:56:8a:c5:7f:f7:ef:fd:99:9d:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 01:18:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca00ed7d068cc670c86241ceceb9818ed3b490e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0f:78:18:a2:72:de:3c:27:90:6e:cb:01:10:
37:b5:72:cc:43:36:8a:ab:66:0e:16:59:cb:53:ee:
86:fd:0d:e7:67:47:7c:84:06:cc:8e:e8:c7:2e:db:
ec:7b:be:aa:a5:13:3a:36:b0:a3:2c:89:2b:99:17:
11:78:da:54:92:50:99:7c:cc:c2:b7:2c:cb:43:66:
56:bc:49:06:74:1f:c4:4d:b6:7a:67:5e:e9:73:82:
db:47:0c:04:e8:7e:20:cd:b6:0b:39:a4:81:95:bb:
32:b6:42:b7:a0:c1:c7:9d:58:24:f2:98:b4:8c:37:
48:54:6f:60:6b:4d:83:40:84:53:fa:2d:62:81:95:
76:28:d8:ba:20:b9:4b:1f:5a:96:ed:3c:aa:45:1f:
a4:dd:a5:c4:55:eb:7e:59:1c:b1:10:38:68:f2:59:
b7:16:d5:a5:1d:56:00:5d:b0:55:be:91:40:8d:cd:
7a:24:81:b9:40:43:8b:0a:99:87:6a:cd:eb:f1:38:
f4:75:d0:06:89:c2:58:01:4b:e2:1a:ca:bb:80:f2:
6d:2a:ea:dc:64:bc:5b:25:7c:2b:0a:eb:0e:f2:3b:
d4:04:ab:c7:05:2c:52:bc:30:b4:b2:97:c0:73:bd:
b0:af:6f:be:4a:af:7f:c8:ee:70:b4:d9:ec:ba:c4:
da:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:00:ED:7D:06:8C:C6:70:C8:62:41:CE:CE:B9:81:8E:D3:B4:90:E3
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ygDtfQaMxnDIYkHOzrmBjtO0kOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:03:d4:cb:7b:f9:b0:a2:4f:07:6b:30:08:85:bc:6c:0c:88:
54:8f:da:fe:e5:36:e8:b0:25:6d:e1:73:cd:75:9e:d6:ca:98:
e2:d1:3e:17:bf:b0:fb:ac:49:08:4f:3d:c3:3a:f2:6a:2b:19:
6d:a4:60:55:cb:78:b2:06:e3:5b:6f:8b:40:ef:26:ca:55:7a:
86:7e:7e:a8:45:9b:7a:4b:4a:f3:25:4e:16:8d:35:11:63:d4:
ac:1b:05:22:8f:d0:07:0d:29:bb:63:71:d3:09:53:ec:69:c2:
33:bd:70:9d:be:9e:43:15:a3:f9:79:a3:21:7c:58:37:e9:36:
da:fa:85:1e:6f:60:2f:fc:3c:36:df:78:a4:d0:c6:de:5b:ae:
12:5d:57:97:7c:7f:3f:80:af:a0:ae:64:1b:b2:76:49:f9:99:
1a:80:db:8c:e7:32:1b:21:89:ae:0b:ec:80:99:71:79:6f:a7:
d5:a2:c0:63:53:d3:cb:d2:f4:7b:be:eb:de:73:11:a1:19:11:
12:e3:93:c9:91:4a:5b:2c:02:c0:9c:01:98:0d:59:7e:d6:40:
0e:af:01:b8:27:64:ec:d2:cf:41:75:92:ee:a9:1b:31:23:75:
6e:f6:b8:f4:dd:de:8b:e5:b7:76:fc:e0:de:73:ab:f1:a7:02:
a2:35:7d:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpTd/Kyg0NWisV/9+/9mZ3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMDExODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTAwZWQ3ZDA2OGNjNjcwYzg2MjQxY2VjZWI5ODE4ZWQzYjQ5MGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQ94GKJy3jwnkG7LARA3tXLMQzaK
q2YOFlnLU+6G/Q3nZ0d8hAbMjujHLtvse76qpRM6NrCjLIkrmRcReNpUklCZfMzC
tyzLQ2ZWvEkGdB/ETbZ6Z17pc4LbRwwE6H4gzbYLOaSBlbsytkK3oMHHnVgk8pi0
jDdIVG9ga02DQIRT+i1igZV2KNi6ILlLH1qW7TyqRR+k3aXEVet+WRyxEDho8lm3
FtWlHVYAXbBVvpFAjc16JIG5QEOLCpmHas3r8Tj0ddAGicJYAUviGsq7gPJtKurc
ZLxbJXwrCusO8jvUBKvHBSxSvDC0spfAc72wr2++Sq9/yO5wtNnsusTaewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMoA7X0GjMZwyGJBzs65gY7TtJDjMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEveWdEdGZRYU14bkRJWWtIT3pybUJqdE8wa09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFgD1Mt7+bCiTwdrMAiF
vGwMiFSP2v7lNuiwJW3hc811ntbKmOLRPhe/sPusSQhPPcM68morGW2kYFXLeLIG
41tvi0DvJspVeoZ+fqhFm3pLSvMlThaNNRFj1KwbBSKP0AcNKbtjcdMJU+xpwjO9
cJ2+nkMVo/l5oyF8WDfpNtr6hR5vYC/8PDbfeKTQxt5brhJdV5d8fz+Ar6CuZBuy
dkn5mRqA24znMhshia4L7ICZcXlvp9WiwGNT08vS9Hu+695zEaEZERLjk8mRSlss
AsCcAZgNWX7WQA6vAbgnZOzSz0F1ku6pGzEjdW72uPTd3ovlt3b84N5zq/GnAqI1
fes=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:11 2025 by rpki-client